After all my different ways of patching it ugly and not. Here is my final patch. This one seems most cleanly and seems just what was needed. I added a function DropPrivledges to server.c which is called from CreateSocket. So this forces the program, as soon as the socket is created it drops permissions like it should be. I reccomend submitting to CVS.
-- Dan Weber
#! /bin/sh -e
## 07_drop_privledges.dpatch by <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
if [ $# -lt 1 ]; then
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1
fi
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
case "$1" in
-patch) patch -p1 ${patch_opts} < $0;;
-unpatch) patch -R -p1 ${patch_opts} < $0;;
*)
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1;;
esac
exit 0
@DPATCH@
diff -urNad /usr/src/dbmail-2.0/server.c dbmail-2.0/server.c
--- /usr/src/dbmail-2.0/server.c 2004-05-11 21:03:36.000000000 -0400
+++ dbmail-2.0/server.c 2004-05-11 21:03:48.000000000 -0400
@@ -48,7 +48,7 @@
#include <arpa/inet.h>
#include <netdb.h>
#include <signal.h>
-
+#include <pwd.h>
int GeneralStopRequested = 0;
int Restart = 0;
@@ -154,6 +154,17 @@
}
}
+int DropPrivledges(serverConfig_t *conf)
+{
+ /* Dropping Permissions to effective user */
+ trace(TRACE_INFO, "Dropping root privledges");
+
+ struct passwd *user;
+ user = getpwnam(conf->serverUser);
+ setresuid(user->pw_uid,user->pw_uid,user->pw_uid);
+ setresgid(user->pw_gid,user->pw_gid,user->pw_gid);
+ return(0);
+}
int CreateSocket(serverConfig_t * conf)
{
@@ -217,7 +228,9 @@
trace(TRACE_INFO, "CreateSocket(): socket creation complete");
conf->listenSocket = sock;
-
+
+ DropPrivledges(conf);
return 0;
}
+
signature.asc
Description: Digital signature
